We currently use AWS hosted Elasticsearch, and the connector as-is will not work with our setup as it requires a username and password or API key for access. We currently use networking controls to allow access to these clusters, without username/password logins, and the connector does not allow it to be setup without those included. Further, our strategy for access going forward for these is actually to lean on IAM roles to increase security, not use HTTP basic authentication. As noted below from their documentation, this is an either-or approach, both cannot be used.
"If a resource-based access policy contains IAM users or roles, clients must send signed requests using AWS Signature Version 4. As such, access policies can conflict with fine-grained access control, especially if you use the internal user database and HTTP basic authentication. You can't sign a request with a user name and password and IAM credentials. In general, if you enable fine-grained access control, we recommend using a domain access policy that doesn't require signed requests."
We would love to see this connector updated to better support AWS hosted Elasticsearch.